By clicking or navigating this website site, you agree to allow our collection of information on Scaleway to offer you an optimal user experience and to keep track of statistics through cookies. Learn more about our Cookie Policy.

How to create and enable SSH Keys

SSH Keys Overview

When creating a Compute Instance, you will not receive a root password. Authentication is based on secure SSH keys instead of using passwords.SSH keys allow password-less authentication on secure shell (SSH) Connections.

This guide shows how to configure and enable a SSH key on Windows, MacOS or Linux computers.

RSA Key Pair

Before creating your first instance, you have to create a RSA key pair on your local computer. A RSA key pair consists of two elements:

An identification key, which must be kept securely

A public key which needs to be uploaded to the Scaleway interface.

The public key is kept in your Scaleway account and transferred to the instance during the boot process, while the private key is kept securely on your computer.

When connecting to the instance via SSH, a trusted connection to the machine is being established using the key pair. If there is a discrepancy between the keys or any of them is missing, authentication fails and a connection cannot be established.

Important: For security reasons you must generate a 2048-bit or 4096-bit RSA key. Older 1024-bit keys are no longer supported.

Creating the Key Pair on OSX and Linux

1 . Open the terminal application (command line) by clicking on the corresponding icon:

2 . Type the following command ssh-keygen -o -b 4096 and press Enter to generate the new key:

The -o option was added in 2014; if this command fails for you, simply remove the -o flag.

3 . Enter the file path in which to safe the key. Leave it at the default setting if you are creating your first key (which will be saved as id_rsa):

Enter file in which to save the key (/Users/me/.ssh/id_rsa):`

4 . Set a passphrase, this step is not mandatory but highly recommended for increased security. The passphrase can be freely chosen. If no passphrase is required, press Enter:

Enter passphrase (empty for no passphrase):

5 . Enter the passphrase again to confirm it. Then press Enter:

Enter same passphrase again:

6 . The key pair is being generated (a public key that we will copy on your instances, and a private key that you must keep secret). By default, the two files are located in the /Users/me/.ssh/ directory:

The public Key is named id\_rsa.pub

The private Key is named id\_rsa

The entire key generation looks like this

ssh-keygen -o -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/me/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /Users/me/.ssh/id_rsa.
Your public key has been saved in /Users/me/.ssh/id_rsa.pub.
The key fingerprint is:
12:93:cc:c1:5b:76:4f:b6:b9:b4:65:b0:33:8b:f1:59 me@localhost
...

Display the public key content with the cat command and copy it, as it is required for step 2: